NORMA eResearch @NCI Library

Comparative Analysis of Open-Source Forensics Tools to Efficiently Conduct Memory Forensics

George, Ashley Sunny (2023) Comparative Analysis of Open-Source Forensics Tools to Efficiently Conduct Memory Forensics. Masters thesis, Dublin, National College of Ireland.


Abstract

In a world where the development of new technologies is celebrated by everyone, criminals try to exploit them and cybersecurity professionals try to defend them. During an attack, one of the main tasks of the Incident Responders is to isolate the system(s) being attacked and conduct forensics on them to understand the weight of the situation. This is done using various tools, both commercial and open source. Knowing how to use these tools efficiently comes with a lot of practice. This paper focuses on the open-source tools available for aspiring individuals to practice and learn these much-needed memory forensics skills in an efficient way. Over the course of this research, a comparative analysis is done on two sets of tools. The first set is the memory acquisition tools, which include DumpIt, FTK Imager, Belkasoft RAM Capturer, Magnet RAM capturer and Redline. The second set is the analysis frameworks, where a comparison is made between Volatility and Redline. The experiments conducted show promising results and suggest that the most efficient way to conduct memory forensics is by using DumpIt and Volatility in combination.

Item Type: Thesis (Masters)
Supervisors: McLaughlin, Eugene (Email: UNSPECIFIED)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 17 Apr 2025 10:27
Last Modified: 17 Apr 2025 10:27
URI: https://norma.ncirl.ie/id/eprint/7438
